CVE-2016-15030 Vulnerability Details

  /     /     /  

CVE-2016-15030 Metadata Quick Info

CVE Published: 25/03/2023 | CVE Updated: 06/08/2024 | CVE Year: 2016
Source: VulDB | Vendor: Arno0x | Product: TwoFactorAuth
Status : PUBLISHED

---

CVE-2016-15030 Description

A vulnerability classified as problematic has been found in Arno0x TwoFactorAuth. This affects an unknown part of the file login/login.php. The manipulation of the argument from leads to open redirect. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The patch is named 8549ad3cf197095f783643e41333586d6a4d0e54. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-223803.

Metrics

CVSS Version: 3.1 | Base Score: 3.5 LOW
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID: CWE-601
CWE Name: CWE-601 Open Redirect
Source: Arno0x

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).